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1.0 


INTRODUCTION 


This document presents the Reliability Program Plan to be implemented on the 
HRUV Spectrometer/Polarimeter Electronics Assy Program at SCI Systems, Inc. 

This document is submitted for review by Marshall Space Flight Center (MSFC) 
as a data submittal for contract NAS8- 32035. 

This document will be the governing document for the reliability tasks to be 
accomplished during the program. This plan is in basic conformance to the 
requirements of NHB5300(1A), Reliability Program Provisions for Space System 
Contractors, and is intended to provide an effective guide towards achievement 
of the reliability requirements contained in GSFC Document SMM-300-01 Revision A. 


2.0 


APPLICABLE DOCUMENTS 


The following documents form a part of this program plan to the extent specified 
herein. 


GSFC SPECIFICATIONS 

PPL 12 GSFC Preferred Parts List Number 12 

(Notices 1 ar.d 2) 

SMM-300-01 Reliability end Quality Assurance Specification 

for SMM Instruments 

NASA DOCUMENTS 

NHB5300.4 (1A) Reliability Program Provisions for Space System 

Contractors . 

MILITARY DOCUMENTS 


MIL-M-38510 Microcircuits, General Specification for 

MIL-STD-975 (NASA) Standard Parts i.ist for Flight and Mission- 

Essential Ground Support Equipment 


MIL-S-19500 


Semiconductors, General Specification for 



3.0 


RELIABILITY MANAGEMENT 


The reliability tasks required for the program will be conducted by the Relia- 
bility Engineering Section. The activities of this section are directed by a 
Reliability Supervisor who reports to the Quality and Reliability Assurance 
Manager. The Reliability Supervisor is charged with the responsibility of 
providing the Program Manager with specialized support in the reliability 
disciplines. This will then allow the Program Manager to comply with the 
program requirements in this specialty area without bearing the burden of 
detail involvement in the daily activities of the reliability efforts. This 
organization provides a single source of responsibility to enforce the relia- 
bility policies and the authority to ensure necessary actions consistent with 
the reliability program requirements. 

In summary, the reliability function will be managed as to maintain the integrity 
of the hardware through the established disciplines of the reliability trade. 

This will assure the customer that the deliverable items will meet the mission 

t 

requirements throughout their intended lifetime. 

3.1 ORGANIZATION 

Figure 3-1 indicates the administrative organization by which the reliability 
section will be governed in its relationship to the HRUV Spectrometer/Polarimeter 
Electronics Assembly Program. With the aid of this chart it is easily seen that 
the separate hierachy of program engineering and reliability are maintained. 

This arrangement provides a close functional relationship between the respective 
groups while providing the separate administrative paths required by charter. 
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3.2 


RELIABILITY SECTION 


The primary role of the Reliability Section is to provide direct assistance in 
the areas of reliability engineering, reliability analysis, component selection 
and component analysis. The department provides indirect support in the way 
of statistical evaluation of test results and trend evaluation. This particular 
operation insures that sufficient inter-program communication is maintained con- 
cerning the general performance and quality of the electronic hardware developed 
and produced by SCI Systems, Inc. 

The organization of the Reliability section is presented by the functional task 
chart on the following page. This chart outlines the assigned duties of each 
operating group within the department. 

In general, SCI's Reliability Section operates to fulfill the exacting analytical 
requirements of the applicable military and civilian aerospace programs. The 
experience gained on previous programs will allow the several tasks to be per- 
formed using the most recent component information available coupled with exact- 

\ 

ing electrical and mechanical designs. 

* i 

3.3 PROGRAM REVIEW 

i 

MSFC and SCI representatives will jointly conduct formal reviews of the relia- 
bility program to assess its progress and effectiveness and to determine the 
need for adjustments or changes. These formal reviews will normally be con- 
ducted in conjunction with scheduled program design reviews. 

These reviews will be in addition to the normal in-house program surveillance 
performed by the Reliability section. 
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FIGURE 3-2 

RELIABILITY SECTION FUNCTIONAL TASK CHART 






3.4 


SUPPLIER CONTROL 


SCI will impose, and enforce by surveillance if required, specific reliability- 
requirements upon suppliers of major procured items. The extent of requirements 
imposed by SCI will be hased on the performance demands of the items, as well 
as, the degree of confidence previously established with the sources of these 
items. In all cases, procured items will be controlled by adequate military 
specification, NASA or SCI control drawings which insure the quality and relia- 
bility of the items used on the program. Supplier design review meetings will 
be required for development of major components and will satisfy the intent of 
GSFC Document No. SMM- 300-01 Revision A. These design review meetings will 
include participation by MSFC and SCI representatives. 

Modifications to existing supplier 0S0-8 equipment will be evaluated for com- 
patibility with the Electronics Assembly (ERA). Major modifications and/or 
additions will be controlled by design specifications which detail the perform- 
ance demands of the Electronics Assembly. Appendix III of this plan presents 
the procedures used by SCI^in preparation of component specifications. 
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4.0 


PARTS STRESS ANALYSIS 


In order to assure that part applications conform to derating ground rules 
and to determine part failure based on applied stresses, a Reliability Engineer 
will conduct a Parts Stress Analysis on all piece parts in circuits that have 
changed from the 0S0-8 configuration and on all new hardware. A general des- 
cription of procedures to be used in performing this analysis are as follows. 

The initial step in any stress analysis is to identify the critical parameters 
associated with the failure of each type of component. These parameters then 
form the basis for identifying potential component problem areas. This is 
performed by making use of the recommended derating guides on which failure rates 
are based as well as review of part vendor specifications and part failure his- 
tories. The derating guidelines given in Appendix B of GFSC PPL 12 will be used 
for the ERA design. 

After identification of the critical parameters of each type of component, the 
system components are listed on their appropriate work sheets by generic type 
and reference designators. The forms to be used for this purpose are included 
in the Appendix I of this plan. Critical parameters, as described above, are 
then entered under the appropriate section for each component. 

Each component and parameter is then considered with the intent of insuring it 
cannot be overstressed under any circuit performance because of basic electrical 
laws. A few of the more useful laws are listed below. 
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(1) The peak voltage to any component cannot exceed the maximum differential 
source voltage of the component in the absence of energy storage elements 
(inductors, capacitors, etc.)* 

(2) The average power to a passive element cannot be greater than the maximum 
available differential voltage squared divided by the component’s internal 
resistance. 

(3) The peak current in a component cannot be greater than the maximum available 
differential voltage to the component divided by the component's internal 
resistance. 

(4) The maximum current in a transistor occurs during saturation. 

(5) The average power dissipated by a single transistor is less than the square 
of 1/2 the maximum differential voltage divided by the emitter and collector 
series resistance. 

In those cases where the derated maximum parameters can be insured as described 
above^ the component's application is inherently reliable and affords the maximum 
life of operating components. 

The enormous demands on circuit performance and optimization of packages dictate 
that some components must be operationally dependent. In these cases additional 
considerations must be made to insure they are within acceptable stress levels 
under all modes of operation. 


11 



After completion of the stress analysis as described above, the results will 
be summarized and reviewed to identify possible prob^m areas and corrective 
actions needed in view of the system requirements. It should be noted that this 
approach to a formal stress analysis is relatively free of measurement technique 
fallacies which might be encountered by other approaches and provides maximum 
identification of potential problem areas. 



5.0 


FAILURE MODE, EFFECT AND CRITICALITY ANALYSIS (FMECA) 


SCI will conduct an FMECA down to the functional subassembly level on all units 
of the ERA that change from the OSO-8 configuration and all new hardware. These 
analyses will be conducted and maintained current throughout the design stage to 
determine the possible modes of failure which may be eliminated or minimized by 
design corrective action. The results of this analysis will be available for 
design reviews. 

Since each FMECA is unique, procedures for performing FMECA must be flexible to 
the extent that they are effective and consistent with the severity of require- 
ments on the equipment. The following paragraphs will present the general pro- 
cedures used in performing this analysis on new designs at SCI. It is felt that 
these procedures provide enough definition to ensure effectiveness of the analysis 
without restricting the necessary flexibility. 

5.1 SYSTEM LEVEL ANALYSIS 

System level analysis must be initiated in the very early stages of design in 
order that abnormalities can be identified and necessary corrective action taken 
for achievement of effective system performance with the least amount of cost 
impact. In most cases this analysis is in progress on an informal basis during 
the proposal effort and prior to any contract award. 

After contract award, a formal approach to FMECA is begun on the system level. 

This system level analysis provides the ground work for determining the need for 
additional and more detailed studies of sub-systems, assemblies, and components. 

In addition, this analysis provides a yard stick in assessing the achievement of 
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contractual requirements of system performance and determining the effect of 
design changes which might be incorporated from time to time. 

The system level and associated additional studies are periodically reviewed to 
insure their applicability to present design and contractual requirements. Figure 
5-1 is a typical form used for this analysis. The following paragraphs will pre- 
sent particular techniques used in completing this form. 

5.2 IDENTIFICATION OF INPUTS AND OUTPUTS 

The first step in performing this analysis is to identify all functional outputs 
of the system. In the case of electrical signals it is usually effective to 
consider the interconnection points to other functions or systems. In cases of 
other types of inputs and outputs such as mechanical, they are individually con- 
sidered in terms of the effectiveness of the analysis. 

In the early stages of design the identification should be by functional descrip- 
tion only with the addition of reference designators to each functional descrip- 
tion as the equipment definition progresses. 

5.3 DETERMINATION OF FAILURE EFFECTS 

After proper identification of inputs and outputs, each will be entered on the 
work sheet and the possibility of internal secondary failures as a result of in- 
advertent shorted or open conditions will be considered. In addition to these 
considerations the system effect of loss of signal will be entered. Special 
considerations will be given when various modes of signal loss would result in 
significantly different effects. In these cases, failure modes will be itemized 
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FAILURE MODE, EFFECTS AND CRITICAL ANALYSIS WORK SHEET 


FUNCTIONAL description 


REFERENCE 

DESIGNATIONS 


FAILURE MOOES AND EFFECTS 


FREOUENCY CRITICALITY COMBINED ADDITIONAL 

OCCURRENCE FACTOR FACTOR REFERENCE 







for the function and separate effects will be identified. 


5.4 CRITICALITY OF FAILURE 

The effect of each failure mode on system performance must be considered. This 
will be done by assigning a criticality factor to each to reflect their effect 
on system operation. Those failures that reflect adverse system performance 
toward major mission goals will then be separately identified. 

5.5 SUB-SYSTEM ANALYSIS 

After a system level analysis has been formulated, the need for additional 
analysis can be identified and major emphasis can be placed on possible problem 
areas which have adverse effects on successful system performance or personnel 
safety. The techniques used to perform additional studies will vary with the 
nature of problems encountered. When the complex nature of the possible problems 
warrant, a detailed study will be performed on the subsystem level similar to 
that performed for system level analysis. In any event the analysis will identi- 
fy all critical and most probable modes of failure. 
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6.0 


STANDARDIZATION OF DESIGN PRACTICES 


SCI will utilize existing design and processing practices , procedures and 
standards insofar as practicable, modifying them as necessary to meet the 
quality and reliability requirements of the program. In consideration of the 
reliability demands on this program, the component application and derating 
guide in Appendix II of this document will be used in equipment design. 

Part types used on newly designed hardware will be chosen from the types already 
used on the OSO-8 hardware as much as possible for standardization of parts. 


7.0 


DESIGN REVIEW PROGRAM 


SCI will plan, schedule and conduct equipment design reviews at the following 
program milestones. 

(a) Pre-layout Review - At the formulation of design concept and prior to 
fabrication of any hardware. 

(b) Pre-prototype Review - At the completion of detailed design and prior to 
fabrication of prototype hardware. 

(c) Post-qualification Test Review - At the completion of qualification testing. 


These design reviews will be attended by cognizant representatives of SCI and 
MSFC. Mutually agreed to design review minutes, including action Items, will 
be provided the MSFC Program Manager. 
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8.0 


MALFUNCTION REPORTING AND FAILURE ANALYSIS 


The existing SCI failure reporting system will be utilized on the HRUV Pro- 
gram. Failures will be documented starting at the time of first power appli- 
cation at the subassembly level. All failures occurring during end-item test- 
ing at SCI will be formally reported to MSFC along with the results of failure 
analysis and corrective actions taken to prevent recurrence of the failure. 

The failure analysis group is responsible for the failure analysis and the trend 
forecasting operations. The information made available by this group will allow 
the program office to maintain control over the reliability of the hardware 
from piece-part to finished end-item as it passes through the various manufactur- 
ing operations. An important task of the program manager is to maintain the in- 
tegrity of the hardware through the production process. The analysis of in-pro- 
cess failures by this group provides company management with sufficient informa- 
tion so that additional resources may be allotted as required to maintain an 
orderly production flow. A closed loop failure reporting system will be utilized 
in this program. The cause of failure will be determined for each failure event 
after final assembly to allow timely corrective action to be initiated to prevent 
recurrence of similar problems. The following paragraph is a general description 
of the failure reporting system. 

The reporting system is a joint operation of the Quality Assurance and Reliability 
Sections. The duties of the two groups are delegated so that each group performs 
the activities most closely associated with its primary program responsibilities 
In the case of a malfunction during acceptance testing the Quality Assurance 
representative obtains the initial data concerning the malfunction, drafts a 
formal report regarding the incident, and reports the event to the Reliability 

1 

i 
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Section. Representatives from these two groups (with participation by the 
associated design group as required) decide if a detail analysis of the 
malfunction is necessary. If such an 'ir.a'iysis is required, the responsible 
gmiip f $) v/i 11 bo asked to perform the analysis to determine the cause of the 
failure. This information is then utilized to establish corrective action to 
prevent similar problems with later items. The data made available by each 
analysis is stored in the Data Bank which is maintained by the Reliability 
Section. The information is coded so that modern data processing techniques 
can be utilized in analysis of the information. A copy of the form used as 
input to the data bank is shown in Figure 8-1 and the associated codes in 
Figure 8-2. As one can easily see, the information may be recalled in any 
grouping necessary to investigate similar problems. Figure 8-3 is the form 
used for initial failure notification. 



178 (Rev. 11/74) 


RELIABILITY FAILURE ANALYSIS FORM 



REQUESTOR 


20 21 
S/N 


S/N 


S/N 


EXTERNAL VISUAL 


NO DEFECTS □ DEFECTIVE: 


fliiiiii 


TT 

" 


15 






Com' - jnent 

R r ;erence 

Uesig. 




30 



33 






39 



~TP 




n 


DEVICE 

TYPE 


SOLPER/WELD □ PACKAGE □ 

M/> , -IKING □ OTHER □ 


MANUF 


LEAD □ 



X - RAY 

N/A □ NO DISCREPANCIES □ DISCREPANCY □ 


HERMETICITY 
N/A □ 


GROSS 

□ PASS □ FAIL 


FINE 

□ PASS □ FAIL 


ELECTRICAL TEST 

N/A 11 GOCD □ OPEN □ SHORT □ OUT OF SPEC. □ VIBRATION □ TEMP. 


INTERN \L VISUAL 

N/A □ NO DEFECTS □ FOREIGN MATERIAL □ BOND/WIRE FAILURE □ 
METALLIZATION DEFECT □ OTHER □ 


ELECTRICAL OVERSTRESS □ 








REQUESTOR (6) 


DEVICE TYPE (75) 


A- Acceptance Test Procedure (A.T.P) 

B- Burn-In 

C- Customer Returned Material (C.R.M.) 
I- In Process Failure (I.P.F) 

P- Pre- A.T.P. 

Q- Quality Test Procedure (Q.T.P) 

R- Reliability Test Procedure (R.T.P) 


FAILURE MODE (78) 


A- No Entry 
B- Good 
C- Open 
D- Short 

E- Out of Tolerance 
F- Degraded 
G- Cracked Element 
II- Unbonded Chip 

1- Epoxy 
J- Wire 
K- Die Bond 
L- Post Bond 
M- Beam Lead 
N- External Lead 
0- Chipout 
P- Oxide Fault 
Q- Hermeticity 
R- Metalization 
S- Contamination 

T- Foreign Material " 

U- Electrical Overstress 
V- Weld or Solder Connection 
W- Wire Dress 
X- Unknown Mechanism 
Y- Broken Package 

2- Improper Removal 


2- ^laffiacturing 


^.Irregularity 

3- Mechanical 
Misalignment 

4- 

5 - 

6 - 

7- 

8 - 
9- 
* 

/ 


) 

( 

$ 


Workmanship 
Improper 
Installation 
Secondary Failure 
Troub le-Shooting 
Poor Wetting 
SCX 

\ ft R£G\ UU.A. Pi t Y 


Part Type 

A- Relay 
B- Board 
C- Capacitor 
D- Diode 
E- Flex Cable 
F- FET 
G- Connector 
H- Hybrid I.C. 

I- Intergrated Circuit 
J- Transformer 
K- Crystal 
L- Coil 
M- Memory 
R- Resistor 
S- Switch 
T- Transistor 
U- Mechanical Component 
V- Module 

W- OPTO-Electronic Device 


PROGRAM (51) 

Same as Drawing Numbers. 


SORT (66) 


DRAWING 

NO. (7) 

(16) (25) 

(34) 

A-1995 

Lockheed 

1-1533 

Titan 

B-2595 


J-3395 

Titan 

C-3344 

ii 

K-3457 

Hughes 

D- 1932 

ii 

L-3631 

F15 

E-2532 


M-2602 

F15 

F- 3532 

ii 

N-3895 

Titan 

G-2512 


o-^w- 

F-15 

H-3512 

it 

p_ 3604 
Gr 

F- 15 


A- Starting 1 January 1975. 

(65) WIRE/INTERCONNECT METALIZATION 

A- AL/AL 
B- Beam Lead 
C- Gold/Al 
D- Gold/Gold 
E- AL/Gold Post 
F- Gold/Gold Post 

Z- Other 


FIGURE 8-2 
22 
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3.2 


RELIABILITY SECTION 


The primary role of the Reliability Section is to provide direct assistance in 
the areas of reliability engineering, reliability analysis, component selection 
and component analysis. The department provides indirect support in the way 
of statistical evaluation of test results and trend evaluation. This particular 
operation insures that sufficient inter-program communication is maintained con- 
cerning the general performance and quality of the electronic hardware developed 
and produced by SCI Systems, Inc. 

The organization of the Reliability section is presented by the functional task 
chart on the following page. This chart outlines the assigned duties of each 
operating group within the department. 

In general, SCI's Reliability Section operates to fulfill the exacting analytical 
requirements of the applicable military and civilian aerospace programs. The 
experience gained on previous programs will allow the several tasks to be per- 
formed using the most recent component information available coupled with exact - 

i 

ing electrical and mechanical designs. 

i s 

3.3 PROGRAM REVIEW 

i 

MSFC and SCI representatives will jointly" conduct formal reviews of the relia- 
bility program to assess its progress and effectiveness and to determine the 
need for adjustments or changes. These formal reviews will normally be con- 
ducted in conjunction with scheduled program design reviews. 

These reviews will be in addition to the normal in-house program surveillance 
performed by the Reliability section. 
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FIGURE 3-2 


RELIABILITY SECTION FUNCTIONAL TASK CHART 






3.4 


SUPPLIER CONTROL 


SCI will impose, and enforce by surveillance if required, specific reliability 
requirements upon suppliers of major procured items. The extent of requirements 
imposed by SCI will be hased on the performance demands of the items, as well 
as, the degree of confidence previously established with the sources of these 
items. In all cases, procured items will be controlled by adequate military 
specification, NASA or SCI control drawings which insure the quality and relia- 
bility of the items used on the program. Supplier design review meetings will 
be required for development of major components and will satisfy the intent of 
GSFC Document No. SMM-300-01 Revision A. These design review meetings will 
include participation by MSFC and SCI representatives. 

Modifications to existing supplier 0S0-8 equipment will be evaluated for com- 
patibility with the Electronics Assembly (ERA). Major modifications and/or 
additions will be controlled by design specifications which detail the perform- 
ance demands of the Electronics Assembly. Appendix III of this plan presents 
the procedures used by SCI ^ in preparation of component specifications. 
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4.0 


PARTS STRESS ANALYSIS 


In order to assure that part applications conform to derating ground rules 
and to determine part failure based on applied stresses, a Reliability Engineer 
will conduct a Parts Stress Analysis on all piece parts in circuits that have 
changed from the 0S0-8 configuration and on all new hardware. A general des- 
cription of procedures to be used in performing this analysis are as follows. 

The initial step in any stress analysis is to identify the critical parameters 
associated with the failure of each type of component. These parameters then 
form the basis for identifying potential component problem areas. This is 
performed by making use of the recommended derating guides on which failure rates 
are based as well as review of part vendor specifications and part failure his- 
tories. The derating guidelines given in Appendix B of GFSC PPL 12 will be used 
for the ERA design. 

After identification of the critical parameters of each type of component, the 
system components are listed on their appropriate work sheets by generic type 
and reference designators. The forms to be used for this purpose are included 
in the Appendix I of this plan. Critical parameters, as described above, are 
then entered under the appropriate section for each component. 

Each component and parameter is then considered with the intent of insuring it 
cannot be overstressed under any circuit performance because of basic electrical 
laws. A few of the more useful laws are listed below. 
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(1) The peak voltage to any component cannot exceed the maximum differential 
source voltage of the component in the absence of energy storage elements 
(inductors, capacitors, etc.). 

(2) The average power to a passive element cannot be greater than the maximum 
available differential voltage squared divided by the component's internal 
resistance. 

(3) The peak current in a component cannot be greater than the maximum available 
differential voltage to the component divided by the component's internal 
resistance. 

(4) The maximum current in a transistor occurs during saturation. 

(5) The average power dissipated by a single transistor is less than the square 
of 1/2 the maximum differential voltage divided by the emitter and collector 
series resistance. 

In those cases where the derated maximum parameters can be insured as described 
above ; the component's application is inherently reliable and affords the maximum 
life of operating components. 

The enormous demands on circuit performance and optimization of packages dictate 
that some components must be operationally dependent. In these cases additional 
considerations must be made to insure they are within acceptable stress levels 
under all modes of operation. 
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After completion of the stress analysis as described above, the results will 
be summarized and reviewed to identify possible prob.^m areas and corrective 
actions needed in view of the system requirements. It should be noted that this 
approach to a formal stress analysis is relatively free of measurement technique 
fallacies which might be encountered by other approaches and provides maximum 
identification of potential problem areas. 



5.0 


FAILURE MODE, EFFECT AND CRITICALITY ANALYSIS (FMECA) 


SCI will conduct an FMECA down to the functional subassembly level on all units 
of the ERA that change from the OSO-8 configuration and all new hardware. These 
analyses will be conducted and maintained current throughout the design stage to 
determine the possible modes of failure which may be eliminated or minimized by 
design corrective action. The results of this analysis will be available for 
design reviews. 

Since each FMECA is unique , procedures for performing FMECA must be flexible to 
the extent that they are effective and consistent with the severity of require- 
ments on the equipment. The following paragraphs will present the general pro- 
cedures used in performing this analysis on new designs at SCI. It is felt that 
these procedures provide enough definition to ensure effectiveness of the analysis 
without restricting the necessary flexibility. 

5.1 SYSTEM LEVEL ANALYSIS 

System level analysis must be initiated in the very early stages of design in 
order that abnormalities can be identified and necessary corrective action taken 
for achievement of effective system performance with the least amount of cost 
impact. In most cases this analysis is in progress on an informal basis during 
the proposal effort and prior to any contract award. 

After contract award, a formal approach to FMECA is begun on the system level. 

This system level analysis provides the ground work for determining the need for 
additional and more detailed studies of sub-systems, assemblies, and components. 

In addition, this analysis provides a yard stick in assessing the achievement of 
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contractual requirements of system performance and determining the effect of 
design changes which might be incorporated from time to time. 

The system level and associated additional studies are periodically reviewed to 
insure their applicability to present design and contractual requirements. Figure 
5-1 is a typical form used for this analysis. The following paragraphs will pre- 
sent particular techniques used in completing this form. 

5.2 IDENTIFICATION OF INPUTS AND OUTPUTS 

The first step in performing this analysis is to identify all functional outputs 
of the system. In the case of electrical signals it is usually effective to 
consider the interconnection points to other functions or systems. In cases of 
other types of inputs and outputs such as mechanical, they are individually con- 
sidered in terms of the effectiveness of the analysis. 

In the early stages of design the identification should be by functional descrip- 
tion only with the addition of reference designators to each functional descrip- 
tion as the equipment definition progresses. 

5.3 DETERMINATION OF FAILURE EFFECTS 

After proper identification of inputs and outputs, each will be entered on the 
work sheet and the possibility of internal secondary failures as a result of in- 
advertent shorted or open conditions will be considered. In addition to these 
considerations the system effect of loss of signal will be entered. Special 
considerations will be given when various modes of signal loss would result in 
significantly different effects. In these cases, failure modes will be itemized 
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for the function and separate effects will be identified. 


5.4 CRITICALITY OF FAILURE 

The effect of each failure mode on system performance must be considered. This 
will be done by assigning a criticality factor to each to reflect their effect 
on system operation. Those failures that reflect adverse system performance 
toward major mission goals will then be separately identified. 

5.5 SUB-SYSTEM ANALYSIS 

After a system level analysis has been formulated, the need for additional 
analysis can be identified and major emphasis can be placed on possible problem 
areas which have adverse effects on successful system performance or personnel 
safety. The techniques used to perform additional studies will vary with the 
nature of problems encountered. When the complex nature of the possible problems 
warrant, a detailed study will be performed on the subsystem level similar to 
that performed for system level analysis. In any event the analysis will identi- 
fy all critical and most probable modes of failure. 
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6.0 


STANDARDIZATION OF DESIGN PRACTICES 


SCI will utilize existing design and processing practices, procedures and 
standards insofar as practicable, modifying them as necessary to meet the 
quality and reliability requirements of the program. In consideration of the 
reliability demands on this program, the component application and derating 
guide in Appendix II of this document will be used in equipment design. 

Part types used on newly designed hardware will be chosen from the types already 
used on the 0S0-8 hardware as much as possible for standardization of parts. 
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7.0 


DESIGN REVIEW PROGRAM 



SCI will plan, schedule and conduct equipment design reviews at the following 
program milestones. 

(a) Pre-layout Review - At the formulation of design concept and prior to 
fabrication of any hardware. 

(b) Pre-prototype Review - At the completion of detailed design and prior to 
fabrication of prototype hardware. 

(c) Post-qualification Test Review - At the completion of qualification testing. 


These design reviews will be attended by cognizant representatives of SCI and 
MSFC. Mutually agreed to design review minutes, including action items, will 
be provided the MSFC Program Manager. 
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8.0 


.MALFUNCTION REPORTING AND FAILURE ANALYSIS 


The existing SCI failure reporting system will be utilized on the HRUV Pro- 
gram. Failures will be documented starting at the time of first power appli- 
cation at the subassembly level. All failures occurring during end-item test- 
ing at SCI will be formally reported to MSFC along with the results of failure 
analysis and corrective actions taken to prevent recurrence of the failure. 

The failure analysis group is responsible for the failure analysis and the trend 
forecasting operations. The information made available by this group will allow 
the program office to maintain control over the reliability of the hardware 
from piece-part to finished end-item as it passes through the various manufactur- 
ing operations . An important task of the program manager is to maintain the in- 
tegrity of the hardware through the production process. The analysis of in-pro- 
cess failures by this group provides company management with sufficient informa- 
tion so that additional resources may be allotted as required to maintain an 
orderly production flow. A closed loop failure reporting system will be utilized 
in this program. The cause of failure will be determined for each failure event 
after final assembly to allow timely corrective action to be initiated to prevent 
recurrence of similar problems. The following paragraph is a general description 
of the failure reporting system. 

The reporting system is a joint operation of the Quality Assurance and Reliability 
Sections. The duties of the two groups are delegated so that each group performs 
the activities most closely associated with -its primary program responsibilities 
In the case of a malfunction during acceptance testing the Quality Assurance 
representative obtains the initial data concerning the malfunction, drafts a 
formal report regarding the incident, and reports the event to the Reliability 
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Section. Representatives from these two groups (with participation by the 
associated design group as required) decide if a detail analysis of the 
malfunction is necessary. If such an analysis is required, the responsible 
group (s) will be asked to perform the analysis to determine the cause of the 
failure. This information is then utilized to establish corrective action to 
prevent similar problems with later items. The data made available by each 
analysis is stored in the Data Bank which is maintained by the Reliability 
Section. The information is coded so that modern data processing techniques 
can be utilized in analysis of the information. A copy of the form used as 
input to the data bank is shown in Figure 8-1 and the associated codes in 
Figure 8-2. As one can easily see, the information may be recalled in any 
grouping necessary to investigate similar problems. Figure 8-3 is the form 
used for initial failure notification. 
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RELIABILITY FAILURE ANALYSIS FORM 



REQUESTOR 


S/N 


S/N 


EXTERNAL VISUAL 


NO DEFECTS □ DEFECTIVE: 


IT 
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24 






66 67 

Component 

SORT Reference 

Desig. 




30 



33 







39 



42 






DEVICE 

TYPE 


SOLDER/WELD □ PACKAGE □ 

MARKING □ OTHER □ 



MANUF. 


LEAD □ 


FAILURE 

MODE 



X - RAY 

N/A □ NO DISCREPANCIES □ DISCREPANCY □ 


HERMETICITY 
N/A □ 


GROSS 

□ PASS □ FAIL 


FINE 

□ PASS □ FAIL 


ELECTRICAL TEST 

N/A □ GOOD □ OPEN □ SHORT □ OUT OF SPEC. □ VIBRATION □ TEMP. 


INTERNAL VISUAL 

N/AP NO DEFECTS □ FOREIGN MATERIAL □ BOND/WIRE FAILURE □ 
METALLIZATION DEFECT □ OTHER □ 


ELECTRICAL OVERSTRESS □ 



FIGURE 8-1 


2: 










REQUESTOR (6) 


DEVICE TYPE (75) 


A- 

Acceptance Test Procedure (A.T.P) 

Part Type 

B- 

Burn-In 





C- 

Customer Returned 

Material (C.R.M.) 

A- 

Relay 

I- 

In Process Failure (I 

. P . F) 

B- 

Board 

P- 

Pre- A.T.P. 



C- 

Capacitor 

Q- 

Quality Test Procedure (Q.T.P) 

D- 

Diode 

R- 

Reliability Test 

Procedure (R.T.P) 

E- 

Flex Cable 





F- 

FET 





G- 

Connector 

FAILURE MODE (78) 



H- 

Hybrid I.C. 



( 

'VENDOR 

I- 

Intergrated Circuit 

A- 

No Entry 

2- - 

) Manufacturing 

J- 

Transformer 

B- 

Good 

< 

^Irregularity 

K- 

Crystal 

C- 

Open 

3- 

Mechanical 

L- 

Coil 

D- 

Short 


Misalignment 

M- 

Memory 

E- 

Out of Tolerance 

4- 


R- 

Resistor 

F- 

Degraded 

5- 

Workmanship 

S- 

Switch 

G- 

Cracked Element 

6- 

Improper 

T- 

Transistor 

II- 

Unbonded Chip 


Installation 

U- 

Mechanical Component 

I- 

Epoxy 

7- 

Secondary Failure 

V- 

Module 

J- 

Wire 

8- 

Troub le -Shooting 

w- 

OPTO-Electronic Device 

K- 

Die Bond 

9- 

Poor Wetting 



L- 

Post Bond 

* 

SCX NAAUU^ACTURMJQ 


M- 

Beam Lead 

/ 

\ R. R UL-A. PIT Y 



N- 

External Lead 





0 - 

Chipout 

9 




P- 

Oxide Fault 

) 




Q- 

Hermeticity 

c 




R- 

Metalization 

$ 




S- 

Contamination 





T- 

Foreign Material 

»! 




U- 

Electrical Overstress 





V- Weld or Solder Connection 
W- Wire Dress 
X- Unknown Mechanism 
Y- Broken Package 
Z- Improper Removal 


PROGRAM (51) 

Same as Drawing Numbers. 
SORT (66) 


DRAWING 

NO. (7) 

(16) (25) 

(34) 

A-1995 

Lockheed 

1-1533 

Titan 

B-2595 


J-3395 

Titan 

C-3344 


K-3457 

Hughes 

D- 1932 

t! 

L-3631 

F15 

E-2532 

II 

M-2602 

F15 

F- 3532 

II 

N-3895 

Titan 

G-2512 

f« 

0-4^44 

F-15 

H-3512 

II 

p- 3604 

Gr 

R~ 

F- 15 


A- Starting 1 January 1975. 

(65) wire/interconnect METALIZATION 

A- AL/AL 
B- Beam Lead 
C- Gold/Al 
D- Golc(/Gold 
E- AL/Gold Post 
F- Gold/Gold Post 

Z- Other 


FIGURE 8-2 
22 
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9.0 


PARTS AND MATERIALS PROGRAM 


SCI will, as a general policy, select parts for the system on the basis of 
proven qualification of each part and material for its application (s) and select 
them from sources employing effective reliability and quality programs in their 
manufacture. Every effort will be made to choose items already qualified to 
pertinent specifications and to use the minumum practicable number of styles of 
each generic type. When selecting items previously qualified. SCI will devote 
particular attention to currentness of data, applicability of basis of qualifica- 
tion, and adequacy of specifications. 

The drawings, specifications, and procedures required to properly implement this 
program will be drawn from existing SCI documentation files whej-'ever possible. 
These documents will be reviewed to make certain that they are adequate for the 
intended purpose. In situations where the existing documentation is inadequate, 
special supplements or new procedures will be written. Where applicable, the 
documentation will be placed under formal control. 

The GSFC Preferred Parts List (PPL) will be used as a guide for selection of new 
parts on the HRUV program. A parts list, materials list and process list will 
be maintained and submitted to the MSFC Program Manager for SMM Project approval. 
New design will utilize part types already used on the 0S0-8 hardware, as much 
as possible, to make use of parts already on hand from that program, but only 
after approval for use in SMM hardware has been given by the MSFC Program Man- 
ager for the SMM Project. 
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SCI will impose screening requirements on all parts used in the fabrication of 
flight hardware. Inventory on hand from the previous contract for OSO-8 hard- 
ware must be approved by the MSFC Program Manager for the SMM Project prior 
to use in flight hardware. This screening will be performed as an integral part 
of the testing performed by the manufacturer, or during part screening at SCI 
prior to installation into equipment. Figure 9-1 presents the screening 
matrix intended for use on flight hardware components. 
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NOTE: 


Screening will be performed as applicable in the sequence shown from left to right 
according to the appropriate SCI In-house screening instruction and/or SCI 
procurement s pec if ication. 
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10.0 EQUIPMENT LOGS 

SCI will maintain complete equipment Status logs on the equipment in compliance 
with configuration management requirements. Each log will be identified to the 
equipment to which it pertains and will be maintained in chronological order and 
account for all periods of time including idle periods and any movements of the 
item. Entries will be complete, self-explanatory, and include the following: 

a. Date and time of entry. 

b. Identity of test or inspection. 

c. Environmental conditions. 

d. Characteristics being investigated. 

e. Parameter measurements, 

f. Complete identification of instrumentation used including 
serial number and calibration date. 

g. Failure observations and failure report reference. 

h. Accumulated operating time. 

i. Cumulative number of duty cycles to date. 

j . Discrepancies between the item tested and pertinent 
specifications or drawings. 

k. Repair and maintenance record. 

l. Record of pertinent, unusual or questionable occurrences 
involving the equipment. 

m. Action taken to have "quick fixes" in test formalized as 
design changes. 

n. Identity of individual making entry. 
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11.0 


RELIABILITY REPORTING 


Monthly reports on the status of reliability activities will be prepared by 
SCI for transmittal to MSFC as a part of the Monthly Product Assurance Status 
Report. 

Reports will include, but not be limited to, the following sections: 

1. Technical Progress - Significant achievements that occurred 
within the reporting period, the cumulative status of the 
reliability effort versus the scheduled program, etc. 

2. Review of Significant Events - Comments on the major design 
changes and their effect on reliability; analysis of 
significant failures occurring during the reporting period; 
discussion of current and/or anticipated reliability problem 
areas, with recommendations for solution, etc. 
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10.0 EQUIPMENT LOGS 

SCI will maintain complete equipment flatus logs on the equipment in compliance 
with configuration management requirements. Each log will be identified to the 
equipment to which it pertains and will be maintained in chronological order and 
account for all periods of time including idle periods and any movements of the 
item. Entries will be complete, self-explanatory, and include the following: 

a. Date and time of entry. 

b. Identity of test or inspection. 

c. Environmental conditions. 

d. Characteristics being investigated. 

e. Parameter measurements. 

f. Complete identification of instrumentation used including 
serial number and calibration date. 

g. Failure observations and failure report reference. 

h. Accumulated operating time. 

i. Cumulative number of duty cycles to date. 

j. Discrepancies between the item tested and pertinent 
specifications or drawings. 

k. Repair and maintenance record. 

l. Record of pertinent, unusual or questionable occurrences 
involving the equipment. 

m. Action taken to have "quick fixes" in test formalized as 
design changes. 

n. Identity of individual making entry. 
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11.0 RELIABILITY REPORTING 

Monthly reports on the status of reliability activities will be prepared by 
SCI for transmittal to MSFC as a part of the Monthly Product Assurance Status 
Report . 

Reports will include, but not be limited to, the following sections: 

1. Technical Progress - Significant achievements that occurred 
within the reporting period, the cumulative status of the 
reliability effort versus the scheduled program, etc. 

2. Review of Significant Events - Comments on .e major design 
changes and their effect on reliability; analysis of 
significant failures occurring during the reporting period, 
discussion of current and/or anticipated reliability problem 
areas, with recommendations for solution, etc. 
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